ansible/roles/nginx-reverse-proxy/tasks/main.yml

64 lines
1.5 KiB
YAML
Raw Normal View History

---
# nginx is the proxy server
2019-03-14 10:53:44 +01:00
# nginx-light contains less modules
# but also reduces the surface of attack
- name: Install NGINX server
apt:
2019-03-14 10:53:44 +01:00
name: nginx-light
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
2019-03-14 10:53:44 +01:00
# Install proxy snippets
- name: Configure NGINX proxy snippets
template:
src: nginx/snippets/{{ item }}.j2
dest: /etc/nginx/snippets/{{ item }}
2019-03-14 10:53:44 +01:00
mode: 0644
loop:
- proxy-common.conf
- proxy-common-ssl.conf
notify: Reload NGINX service
# Install sites
- name: Configure NGINX sites
template:
2019-03-14 10:53:44 +01:00
src: nginx/nginx-sites-available.j2
dest: /etc/nginx/sites-available/{{ item.name }}
mode: 0644
loop: "{{ reversed_proxy_subdomains }}"
notify: Reload NGINX service
# Desactive useless nginx sites
- name: Deactivate the default NGINX site
file:
path: /etc/nginx/sites-enabled/default
state: absent
notify: Reload NGINX service
# Activate sites
- name: Activate sites
file:
src: /etc/nginx/sites-available/{{ item.name }}
dest: /etc/nginx/sites-enabled/{{ item.name }}
state: link
loop: "{{ reversed_proxy_subdomains }}"
notify: Reload NGINX service
2019-03-04 09:34:47 +01:00
# Install main site
- name: Configure NGINX main site
template:
2019-03-14 10:53:44 +01:00
src: nginx/nginx-sites-available-main.j2
2019-03-04 09:34:47 +01:00
dest: /etc/nginx/sites-available/main
mode: 0644
notify: Reload NGINX service
# Activate main site
- name: Activate main site
file:
src: /etc/nginx/sites-available/main
dest: /etc/nginx/sites-enabled/main
state: link
notify: Reload NGINX service